Information processing apparatus

ABSTRACT

Since a conventional information processing apparatus includes a plurality of semiconductor devices, there is a problem that sensitive information may reside on a system bus in the apparatus or a semiconductor memory device serving as main memory therein. To obviate this problem, each information processing apparatus has a CPU which includes a microprocessor, a cryptographic processing algorithm ROM, a cryptographic processing hardware circuit, a RAM, a key custody area, and an external bus controller, which are all integrated on a single semiconductor chip. Thus, encryption/decryption processing is carried out only in the CPU, and internal operations of the CPU are made non-analyzable from an external signal of the CPU.

TECHNICAL FIELD

The present invention relates to an information processing apparatus using cryptography for ensuring the security of sensitive information in storage and transfer thereof, and more particularly to an information processing architecture for providing high-level information security protection.

BACKGROUND ART

The following conventional techniques for an information processing apparatus using cryptography are known.

In JP-A-275115/1998, there is disclosed a cryptographic technique of encrypting information and storing the encrypted information into an external storage device such as a hard disk drive. In this conventional cryptographic technique, when encrypted data Ya and Yb stored in an external storage device 12 are transferred to an information terminal unit 11, the encrypted data Ya and Yb are decrypted in succession using a deciphering key Kb held in an enciphering/deciphering key custody area 35.

JP-A-214233/1998 discloses another cryptographic technique of providing a dedicated cryptographic processor in an information processing apparatus. According to this conventional cryptographic technique, the cryptographic processor for encrypting data to generate a body of a secure file is equipped in a portable-type personal computer.

In common applications of encryption and decryption processing, sensitive information to be kept in secrecy resides in main memory since data processing is carried out on the main memory. For information encryption in which information is processed through an encryption algorithm, it is required to securely handle the encryption algorithm, cipher key information, and sensitive information to be encrypted.

The above-cited conventional cryptographic techniques, however, give rise to the following problems:

In the conventional cryptographic techniques, since sensitive information and intermediate results of encryption processing are held in main memory, there is a problem that the sensitive information may be extracted by any means. In an information processing apparatus comprising a plurality of semiconductor devices serving as a CPU, main memory and other circuits, when encryption processing is carried out under control of the CPU, an encryption algorithm, sensitive information to be encrypted, and intermediate results of the encryption processing are held in the main memory, causing the above problem of information extractability.

Further, since the information processing apparatus contains signal lines (e.g., bus lines) for interconnecting semiconductor device components thereof, data prior to encryption or decrypted data may be easily extracted by means of tapping the signal line and analyzing data attained through the tapping.

In JP-A-297626/1990, it has been proposed to provide a cryptographic technique of delivering encrypted data to external signal lines. In this conventional cryptographic technique, key information necessary for encryption is supplied from an external source. Therefore, unless security protection of the key information is ensured, there arises a problem that data encryption becomes useless.

DISCLOSURE OF THE INVENTION

It is therefore an object of the present invention to overcome the above-mentioned disadvantages by providing an information processing apparatus which is configured to have the following features:

Encryption processing is carried out within a semiconductor device contained in the information processing apparatus. Key information necessary for encryption is also generated in the semiconductor device. Information regarding encryption is not output onto signal lines arranged in the information processing apparatus. Information which does not affect security protection even if tapped by any other person, such as encrypted information or information not requiring encryption, is output onto the signal lines in the information processing apparatus. The information regarding encryption includes information which is not yet encrypted and information to be used for decryption.

More specifically, according to one aspect of the present invention, there is provided an information processing apparatus in which a semiconductor chip serving as a CPU thereof integrally contains a RAM, a cryptographic processing algorithm memory, a cryptographic processing hardware circuit, a key information generating hardware circuit, and a key information storage hardware circuit. In the present invention, the term “CPU” is used for the sake of convenience. Any semiconductor chip in the information processing apparatus is applicable in lieu of the CPU. In particular, it is preferable to adopt a processor which carries out control and computational operations in the information processing apparatus. That is to say, the present invention provides an information processing apparatus comprising a semiconductor chip in which encryption processing including generation of key information is performed in a closed fashion. Further, according to another aspect of the present invention, there may be provided such an arrangement that encryption processing is performed in each of a plurality of CPUs.

Furthermore, according to another aspect of the present invention, encryption processing may be performed in the RAM contained in the CPU.

Moreover, according to another aspect of the present invention, the RAM contained in the CPU may be used as main memory for execution of application programs as well as encryption processing.

Still further, according to another aspect of the present invention, there may be provided such an arrangement that application programs themselves are encrypted and an external storage device holds encrypted files thereof.

Still further, according to another aspect of the present invention, an external bus controller may be provided for controlling data output to an external bus. The external bus controller may control data output so that data is not output to the external bus while the RAM contained in the CPU is accessed. Further, the external bus controller may form a judgment on whether or not to output data to the external bus. If it is judged that data is to be output, the data is delivered to the external bus.

Still further, according to another aspect of the present invention, encryption and decryption of communication data may be performed in the CPU.

Still further, in any of these arrangements mentioned above, it is also preferable to provide means for determining whether or not to encrypt data according to the contents thereof. If encryption is not necessary for data, the data is output onto the signal lines in the information processing apparatus.

Besides, in a modified arrangement of the present invention, encryption processing may be performed in a processor of a disk system controller for encrypting file location information on a magnetic disk.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a diagram showing a configuration of an information processing apparatus according to the present invention.

FIG. 2 is an explanatory diagram of file generation in the information processing apparatus of the present invention.

FIG. 3 is a diagram showing an information processing apparatus configuration in which a CPU contains main memory according to a preferred embodiment of the present invention.

FIG. 4 is a diagram showing an information processing apparatus configuration in which an application program held in an external storage device is encrypted by a CPU according to a preferred embodiment of the present invention.

FIG. 5 is a diagram showing a configuration of an external bus controller.

FIG. 6 is an explanatory diagram of a preferred embodiment of the present invention in which data output to an external bus is prevented by the external bus controller.

FIG. 7 is a diagram showing a configuration of a random number generator required for key generation.

FIG. 8 is a diagram showing a configuration of a key custody area.

FIG. 9 is a diagram showing a relationship between encryption/decryption processing and key information in a case where encryption and decryption are carried out in the same apparatus.

FIG. 10 is a diagram showing a configuration in which the amount of key information to be stored is reduced through the use of a different key handling procedure.

FIG. 11 is a diagram showing a relationship between encryption processing and key information and a relationship between decryption processing and key information in a case where different apparatuses are used for encryption and decryption respectively.

FIG. 12 is a diagram showing a configuration in which authentication information of a sender is added to the arrangement illustrated in FIG. 11.

FIG. 13 is a diagram showing a mechanism for authenticating key information attained from a communicating party.

FIG. 14 is a diagram showing a configuration in a case where the present invention is applied to a processor bus and a system information processing apparatus.

FIG. 15 is a diagram showing a configuration in a case where the present invention is employed for a communication application.

FIG. 16 is an explanatory diagram showing a configuration in a case where the present invention is applied to an external storage device.

FIG. 17 is a diagram for explaining a flow of writing encrypted file location information in the configuration illustrated in FIG. 16.

FIG. 18 is a diagram showing a configuration of a disk controller.

FIG. 19 is a diagram showing an information processing apparatus comprising a plurality of CPUs in a preferred embodiment of the present invention.

FIG. 20 is a diagram showing a modified embodiment of the arrangement illustrated in FIG. 19.

FIG. 21 is a diagram showing a modified embodiment of the configuration illustrated in FIG. 16.

FIG. 22 is a diagram showing another modified embodiment of the configuration illustrated in FIG. 16.

FIG. 23 is a diagram showing the entire network system in which the information processing apparatus illustrated in FIG. 15 is connected.

BEST MODE FOR CARRYING OUT THE INVENTION

The present invention will now be described in detail by way of example with reference to the accompanying drawings.

Referring first to FIGS. 1 and 2, the following describes a first preferred embodiment of the present invention. In FIG. 1, there is shown a schematic configuration diagram of an information processing apparatus (101) comprising at least a CPU (102), a main memory (103), and an external storage device (104). A theoretical system bus (114) is extended to connect the CPU (102), a main memory controller (117), and an external storage device controller (115). The main memory controller (117) and the external storage device controller (115) are connected to the main memory (103) and the external storage device (104), respectively. While an actual signal line connection is arranged as shown in FIG. 7, a schematic signal line connection can be represented as shown in FIG. 1 in view of a theoretical data flow.

The CPU (102) comprises a microprocessor (105), a cryptographic processing algorithm ROM (106), a cryptographic processing hardware circuit (107), a RAM (108), a key custody area (112), and an external bus controller (109). These component circuits are integrated on a single semiconductor chip.

In the CPU (102), a microprocessor bus (110) is extended to connect the cryptographic processing algorithm ROM (106), the cryptographic processing hardware circuit (107), the RAM (108), and the external bus controller (109). In the present preferred embodiment, data is encrypted within the CPU.

For encryption of a file (111), encryption processing is carried out through the cryptographic processing algorithm ROM (106), using the cryptographic processing hardware circuit (107) if necessary. Key data to be used for encryption may be generated in the CPU (102), or data prepared in advance may be used for encryption. Note that the key data must be retained in the key custody area (112) contained in the CPU (102). In encryption processing, if intermediate result data is generated, the generated intermediate result data is stored in the RAM (108). Thus, an encrypted file (113) is produced from the file (111).

The encrypted file (113) is stored into the external storage device (104) through the system bus (114) and the external storage device controller (115).

For decryption of an encrypted file (116) stored in the external storage device (104), decryption processing is carried out in the reverse order of encryption.

To be more specific, the encrypted file (116) is read into the RAM (108) from the external storage device (104) through the external storage device controller (115). Then, decryption processing is carried out through the cryptographic processing algorithm ROM (106), using the cryptographic processing hardware circuit (107) if necessary.

For encrypting/decrypting a large amount of data at high speed, common key cryptography (symmetric key cryptography) is employed in which a common key is applied to both encryption and decryption. In the common key cryptography, encryption and decryption are carried out in just the reverse order to each other, i.e., identical minimum-unit processing steps are performed in encryption and decryption. The cryptographic processing algorithm ROM (106) also contains a decryption processing procedure. The cryptographic processing hardware circuit (107) is available for decryption as well as encryption.

In FIG. 2, there is shown a process through which the file (111) indicated in FIG. 1 is produced.

An application program (201) is retained in the external storage device except when it is activated. When the application program is initiated, the application program is loaded into the main memory and put in an operable state (202). Then, the application program in the operable state (202) issues a request for working area allocation to an operating system serving as a control program for the information processing apparatus. In answer to this request, the operating system for controlling the information processing apparatus allocates a memory space of the RAM (108) as a working area (203).

In the above-mentioned state, the application program (202) is executed under control of the microprocessor (105), and information is created and stored into the working area (203). Of the information thus created and stored in the working area (203), data to be stored into the external storage device is produced as a file (111).

The application program (202) itself resides in the main memory. In allocation of the working area (203) on the RAM (108) for execution of the application program, a memory control function of the microprocessor is used under the aegis of the operating system for controlling the information processing apparatus. Through the use of the memory control function of the microprocessor, logical addresses representing the working area for the application program are converted into physical addresses in the RAM (108).

The key custody area (112) may be provided in the RAM (108), but it is required that the key custody area should be of a nonvolatile memory type. Instead of the RAM (108), a nonvolatile ROM such as an EEPROM or flash ROM may be used to provide the key custody area. It is also preferable to use a battery-backed SRAM in lieu of the RAM (108). Where the battery-backed SRAM is used to provide the key custody area, the backup battery power thereof can be shut off upon detection of an attack on the information processing apparatus in an attempt to take out a cipher key. Thus, key information can be deleted intentionally to safeguard sensitive information.

In an arrangement wherein information generation and cryptographic processing are carried out in the same semiconductor chip as described above, it becomes difficult to extract non-encrypted sensitive information through an analytical attack such as tapping a signal on a terminal of the semiconductor chip.

Then, with reference to FIG. 3, the following describes a second preferred embodiment of the present invention.

In FIG. 3, there is shown a configuration wherein the RAM (108) contained in the CPU (101) is used as main memory of the information processing apparatus (101).

In the second preferred embodiment, when an application program (301) retained in the external storage device is initiated, the application program is loaded into the RAM (108) and put in an operable state (302). Then, the application program in the operable state (302) issues a request for working area allocation to an operating system serving as a control program for the information processing apparatus. In answer to this request, the operating system for controlling the information processing apparatus allocates a memory space of the RAM (108) as a working area (303). In this state, the application program (302) is executed under control of the microprocessor (105), and information is created and stored into the working area (303). Of the information thus created and stored in the working area (303), data to be stored into the external storage device is produced as a file (111).

The file (111) thus produced is encrypted through the cryptographic processing algorithm ROM (106), using the cryptographic processing hardware circuit (107) if necessary. Thus, an encrypted file (113) is produced from the file (111). The encrypted file (112) is then stored as an encrypted file (116) into the external storage device.

Although main memory disposed outside the CPU is not shown in FIG. 3, there may also be provided such a modified arrangement that application programs used for generating sensitive information and any other application programs are handled differently. To be more specific, the application programs used for generating sensitive information are carried out in the RAM (108), and the other application programs are carried out on the main memory disposed outside the CPU in a conventional manner.

Where the RAM (108) is used as the main memory as described above, a transfer of non-encrypted sensitive information takes place outside the CPU (102) only when the application program (301) is loaded into the RAM (108), and the application program itself is executed in a secure manner.

With reference to FIG. 4, the following describes a third preferred embodiment of the present invention.

In the third preferred embodiment, an encrypted application program (401) is retained in the external storage device (104). The encrypted application program is decrypted in the CPU of the information processing apparatus. Hence, a decrypted form of the application program is not output onto the bus (114), i.e., the decrypted application program is handled within the CPU in a closed fashion. This prevents any other person from tapping the application program.

The third preferred embodiment is explained in detail below. At the time of startup of the encrypted application program (401) retained in the external storage device, the encrypted application program (401) is transferred to the RAM (108) in the information processing apparatus over the bus (114). Through this transfer, the RAM (108) is loaded with the encrypted application program (402). Then the encrypted application program (402) is decrypted in the RAM (108) to take an original form of an application program (403). In this state, the application program (403) is run to generate information using a working area (404) in the RAM (108). Then, any necessary parts are selected from the generated information to produce a file (111). The file (111) thus produced is encrypted to produce an encrypted file (113). The encrypted file (113) is stored as an encrypted file (116) into the external storage device (104).

As explained above, an application program itself is stored as an encrypted file into the external storage device, thereby enhancing security protection further.

In the third preferred embodiment, for generating the encrypted application program (401), the application program itself is encrypted as a file (111).

Then, with reference to FIGS. 5 and 6, the following describes the external bus controller in the present invention.

The external bus controller (109) used in each of the first to third preferred embodiments is designed to control data input/output between the inside of the CPU and the outside thereof. For example, in access from the microprocessor (105) to the cryptographic processing algorithm ROM (106), cryptographic processing hardware circuit (107) or RAM (108) for execution of cryptographic processing, the external bus controller performs control so that an access signal will not go out of the CPU. In a case where security protection is not affected when an access signal from the microprocessor (105) is output from the CPU, the external bus controller may allow output of the access signal from the CPU. Information allowed to be output from the CPU includes data which is to be transferred to another information processing apparatus without being subjected to encryption processing.

As shown in FIGS. 5 and 6, an external bus controller (501) corresponding to the external bus controller (109) is disposed between a set of three internal buses from a microprocessor (502) and a set of three external buses extending out of the CPU. The three internal buses are a control bus (503), an address bus (504), and a data bus (505), and the three external buses are an external control bus (506), an external address bus (507), and an external data bus (508). The external bus controller (501) comprises an external control bus generator (509), an address comparator (510), an address direction controller (512), a data direction controller (513), a mask signal generator (511), and signal mask circuits (514) and (519).

A bus cycle start signal, a bus direction indicating signal, a bus cycle end signal, a bus arbitration signal, and other control signals from the microprocessor are fed through the control bus (503) and the external control bus (506). Bus cycle control is carried out by these signals.

The external control bus generator (509) monitors the bus cycle start signal, bus direction indicating signal, bus cycle end signal, bus arbitration signal, and other control signals from the microprocessor. In the external control bus generator (509), it is determined whether the microprocessor has a bus access right or not. Information on the result of judgment is given to the address direction controller (512), and the same information is also given to the address comparator (510). The address comparator (510) has information regarding addresses allocated to the cryptographic processing algorithm ROM (106), cryptographic processing hardware circuit (107), and RAM (108) in the CPU (102), and in the address comparator (510), these addresses are compared with an address input through the address bus (504) or the external address bus (507).

If the external control bus generator (509) judges through the control bus (503) that the microprocessor has the bus access right, the address comparator (510) checks an address signal from the microprocessor. Then, if it is recognized that access to an address of the RAM (108) is attempted, the address comparator (510) notifies the external control bus generator (509) thereof so that an external bus control signal will not be driven. The address comparator (510) also notifies the mask signal generator (511) thereof so as to output a mask signal to the signal mask circuits (514) and (519). Thus, the external address bus (507) and the external data bus (508) are controlled to remain inactive. Alternatively, an address value or a data value is forcibly made invariable.

If the external control bus generator (509) judges through the control bus (503) that the microprocessor does not have the bus access right, the address comparator (510) checks the external address bus. Then, if it is detected that access to an address of the RAM (108) is attempted, the address comparator (510) notifies the external control bus generator (509) thereof. The external control bus generator (509) conducts control not to indicate a bus cycle to the control bus (503). Alternatively, a mask signal is output to the signal mask circuits (514) and (519) so that the address bus (504) and the data bus (505) will not be driven, or an address value or a data value is forcibly made invariable.

In implementation of making an address value or a data value invariable, gate logic is changed as in a gate (602) of a signal mask circuit (601) and a gate (604) of a signal mask circuit (603) shown in FIG. 6.

Thus, through the use of the address signal mask circuit, it is possible to make address conversion to indicate any area other than the RAM (108) area, i.e., an area where no problem will arise in read and write operations.

As described above, analysis of internal processing in the CPU (102) by tapping the system bus (114) connected to the CPU (102) can be made infeasible. This enhances the security of cryptographic processing to be carried out in the CPU (102).
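The comparator-and-mask decision described above can be modelled in a short C program that reports what is observable on each side of the controller for one bus cycle. This is an added example, not circuitry or code from the patent; the address map, the masked bus value and all function names are assumptions, and an external master is treated as blocked from every on-chip region rather than only the RAM (108).

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* On-chip regions known to the address comparator (510).
 * All address values are constructed for this example. */
struct region { uint32_t base, limit; };
static const struct region ON_CHIP[] = {
    { 0x00000000u, 0x0000FFFFu },   /* cryptographic algorithm ROM (106) */
    { 0x00010000u, 0x000100FFu },   /* cryptographic hardware circuit (107) */
    { 0x00100000u, 0x0017FFFFu },   /* RAM (108) */
};

/* Fixed value a masked address or data bus is held at (assumed). */
#define MASKED 0xFFFFFFFFu

enum bus_owner { OWNER_MICROPROCESSOR, OWNER_EXTERNAL_MASTER };

struct bus_cycle { enum bus_owner owner; uint32_t addr, data; };

/* What is observable on each side of the controller during one cycle. */
struct bus_view {
    bool ext_cycle; uint32_t ext_addr, ext_data;   /* buses 506, 507, 508 */
    bool int_cycle; uint32_t int_addr, int_data;   /* buses 503, 504, 505 */
};

/* Address comparator (510): does the address fall in an on-chip region? */
bool is_on_chip(uint32_t addr)
{
    for (size_t i = 0; i < sizeof ON_CHIP / sizeof ON_CHIP[0]; i++)
        if (addr >= ON_CHIP[i].base && addr <= ON_CHIP[i].limit)
            return true;
    return false;
}

struct bus_view external_bus_controller(struct bus_cycle c)
{
    /* Start with both sides idle and held at the masked value. */
    struct bus_view v = { false, MASKED, MASKED, false, MASKED, MASKED };
    bool mask = is_on_chip(c.addr);   /* drives mask signal generator (511) */

    if (c.owner == OWNER_MICROPROCESSOR) {
        /* The microprocessor always sees its own cycle on the internal buses. */
        v.int_cycle = true; v.int_addr = c.addr; v.int_data = c.data;
        if (!mask) {   /* only off-chip accesses are forwarded outward */
            v.ext_cycle = true; v.ext_addr = c.addr; v.ext_data = c.data;
        }
    } else {
        /* An external master drives the external buses itself. */
        v.ext_cycle = true; v.ext_addr = c.addr; v.ext_data = c.data;
        if (!mask) {   /* on-chip targets are never indicated on bus (503) */
            v.int_cycle = true; v.int_addr = c.addr; v.int_data = c.data;
        }
    }
    return v;
}

int main(void)
{
    /* Constructed sample cycles. */
    const struct bus_cycle trace[] = {
        { OWNER_MICROPROCESSOR,  0x00100040u, 0x5EC2E7A5u }, /* plaintext in RAM */
        { OWNER_MICROPROCESSOR,  0x20000000u, 0x0C1F3E2Du }, /* ciphertext going off-chip */
        { OWNER_EXTERNAL_MASTER, 0x00100040u, 0x00000000u }, /* outside access to on-chip RAM */
    };
    for (size_t i = 0; i < sizeof trace / sizeof trace[0]; i++) {
        struct bus_view v = external_bus_controller(trace[i]);
        printf("addr=%08X ext_cycle=%d ext_data=%08X int_cycle=%d\n",
               (unsigned)trace[i].addr, v.ext_cycle,
               (unsigned)v.ext_data, v.int_cycle);
    }
    return 0;
}
```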

Then, with reference to FIGS. 7 to 13, the following describes how key information is handled.

Key information is required for encryption and decryption, and the secrecy of the key information is critical to security protection of the entire system. In conventional practice, key information is furnished from an external source, and the key information furnished externally must be strictly controlled by an individual person for ensuring system security.

According to the present invention, key information necessary for encryption is generated in a semiconductor device, and the key information thus generated is retained in the semiconductor device only. When the key information needs to be output from the semiconductor device, it is delivered using means recognizable only by a particular party. Random numbers are used for generation of key information. In logic-based generation of random numbers, pseudo-random numbers are generated commonly. That is to say, using certain seed information, a plurality of calculations are repeated to determine a sequence of discrete numbers. However, in this kind of random number generation, discrete numbers are generated in an identical sequence if the same seed information is used. Therefore, if the same seed information is attainable, it is possible to generate an identical sequence of random numbers in a reproducible fashion. This imposes a requirement for strict control of seed information. According to the present invention, there is provided a random number generator (118) to obviate the above-mentioned disadvantage.

FIG. 7 shows an exemplary configuration of the random number generator (118) for generating random numbers through the use of a physical phenomenon. The random number generator (118) shown in FIG. 7 generates random numbers using noise produced by a constant-voltage diode or a Zener diode. As illustrated in FIG. 7, the random number generator (118) comprises a low-pass filter (704) including a constant-voltage diode (701), a resistor (702) and a capacitor (703), a comparator (705), and a flip-flop (706).

The constant-voltage diode (701) produces noise having a signal waveform (707). This noise is caused by the physical phenomenon that an avalanche breakdown occurs randomly at a semiconductor junction inside the constant-voltage diode (701). The noise thus produced is fed through the low-pass filter (704) to yield a signal waveform (708) which has a value approximating to the average value of the signal waveform (707). These two signal waveforms (708) and (707) are input to the comparator (705) for conversion into a binary signal having random pulse widths such as a signal waveform (709). The binary signal thus attained is further applied to the flip-flop (706), in which it is synchronized with a reference clock signal available in the semiconductor device. Thus, a random-bit signal waveform (710) is provided.

Random numbers are generated by inputting a necessary length of the random-bit string to a shift register or by counting the number of random pulses in a time unit.

Non-reproducible random numbers can thus be attained without using seed information which is required in common practice of random number generation. Further, through the low-pass filter (704), the average value (708) of the signal containing noise (707) is determined, and the average value thus determined is compared with the signal containing noise. Thus, in the random number generator, an adverse effect on random number generation can be prevented even if voltage fluctuations occur due to such a cause as temperature variation in the constant-voltage diode.

While the constant-voltage diode is used as a noise source in the preferred embodiment illustrated in FIG. 7, it is to be understood that the present invention is not limited to the use of the constant-voltage diode and that any circuit producing noise based on a physical phenomenon may be used instead thereof.

Referring to FIG. 8, there is shown an exemplary configuration of the key custody area for storing generated key information in secrecy. The key custody area (112) shown in FIG. 8 is an example of a battery-backed SRAM configuration.
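The effect of comparing the noisy signal against its own low-pass average, rather than against a fixed reference, can be checked with a discrete-time simulation of the FIG. 7 signal chain. This is an added example, not part of the patent; the voltages, filter constant and clock ratio are constructed values, and a seeded software generator stands in for the avalanche noise only so that the run is repeatable.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define ZENER_VOLTS     5.1    /* nominal diode voltage (constructed value) */
#define NOISE_AMPLITUDE 0.05   /* peak noise around the operating point (constructed) */
#define FILTER_ALPHA    0.01   /* per-step weight of the RC low-pass model (assumed) */
#define STEPS_PER_CLOCK 8      /* analog steps per reference clock edge (assumed) */

/* Repeatable stand-in for the noise of diode (701). Real hardware has no
 * seed at all, which is the property the circuit is built to provide. */
static uint32_t sim_state;
static double sim_noise(void)
{
    sim_state ^= sim_state << 13;
    sim_state ^= sim_state >> 17;
    sim_state ^= sim_state << 5;
    double u = (double)(sim_state >> 8) / 16777216.0;   /* uniform in [0, 1) */
    return (2.0 * u - 1.0) * NOISE_AMPLITUDE;
}

struct trng_stats {
    uint32_t bits;            /* bits latched by flip-flop (706) */
    uint32_t ones;            /* how many of them were 1 */
    uint32_t shift_register;  /* last 32 bits, as fed to a shift register */
};

/* track_average = true : comparator (705) reference is the filter output (708)
 * track_average = false: reference is a fixed voltage, for comparison only
 * drift_volts          : slow rise of the operating point over the whole run,
 *                        modelling temperature variation in the diode */
struct trng_stats run_trng(bool track_average, double drift_volts, uint32_t nbits)
{
    struct trng_stats s = { 0, 0, 0 };
    double average = ZENER_VOLTS;               /* low-pass filter (704) output */
    uint64_t total = (uint64_t)nbits * STEPS_PER_CLOCK;

    sim_state = 0x2545F491u;                    /* constructed seed for the stand-in */
    for (uint64_t step = 0; step < total; step++) {
        double operating_point =
            ZENER_VOLTS + drift_volts * (double)step / (double)total;
        double signal = operating_point + sim_noise();          /* waveform 707 */
        double reference = track_average ? average : ZENER_VOLTS;
        bool comparator = signal > reference;                   /* waveform 709 */

        average += FILTER_ALPHA * (signal - average);           /* waveform 708 */

        /* Flip-flop (706): latch the comparator on each reference clock edge. */
        if (step % STEPS_PER_CLOCK == STEPS_PER_CLOCK - 1) {
            s.bits++;
            s.ones += comparator ? 1u : 0u;
            s.shift_register = (s.shift_register << 1) | (comparator ? 1u : 0u);
        }
    }
    return s;
}

/* Fraction of 1 bits; an unbiased source gives a value close to 0.5. */
double ones_fraction(bool track_average, double drift_volts, uint32_t nbits)
{
    struct trng_stats s = run_trng(track_average, drift_volts, nbits);
    return (double)s.ones / (double)s.bits;
}

int main(void)
{
    printf("tracking reference, no drift : %.3f\n", ones_fraction(true, 0.0, 20000));
    printf("tracking reference, 0.2V drift: %.3f\n", ones_fraction(true, 0.2, 20000));
    printf("fixed reference,    0.2V drift: %.3f\n", ones_fraction(false, 0.2, 20000));
    return 0;
}
```

With the fixed reference, the drifting operating point pushes the signal permanently above the threshold after the first quarter of the run, so the output degenerates to almost all ones; the tracking reference stays balanced.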

The CPU (102) of the present invention is divided into the following sections: an SRAM (804), an SRAM control circuit (809), and a CPU internal logic block (802) for other circuits. A power supply (805) dedicated for the SRAM (804) and the SRAM control circuit (809), and a main power supply (803) dedicated for the internal logic block (802) are provided. The main power supply (803) and the power supply (805) for the key custody area (112) are connected to the SRAM (804) through diodes (806) and (807) to furnish a power (808) thereto. The power (808) is also furnished to the SRAM control circuit (809). A gate (810) monitors a reset signal (811) and the main power supply (803) used for the internal logic block, and the gate (810) fixedly nullifies all the signals to the SRAM (804) until initialization of the internal logic block is completed with the main power supply (803) turned on. Thus, even under condition that only the key custody area (112) is supplied with power while the other circuits are not supplied with power, it is possible to eliminate an excess leakage current. Further, even if a noise is applied to any part of the circuits not supplied with power or even if a malfunction occurs due to a voltage lower than a guaranteed level, an adverse effect can be shut off. When the gate (810) outputs a “Low” signal, a gate (812) outputs a “Low” signal to provide no change regardless of a voltage level on address signal lines (813). Further, since a gate (815) outputs a “Low” signal, an output impedance of a buffer (816) increases to prevent current leakage to data signal lines (818). Still further, since a gate (820) outputs a “Low” signal, an output impedance of a buffer (821) increases to prevent any data from going to a data signal line (819) regardless of a voltage on data signal lines (823). Still further, a gate (824) outputs a “High” signal to nullify a control signal (826), thereby stopping operation of the SRAM. Further, since gates (810), (812), (815), (820) and (824) and a buffer (821) are formed using CMOS-structure elements, leakage currents to input signals (813), (817), (823), (822) and (825) can be suppressed to a minimum. Therefore, even if power to the internal logic block (802) is suspended, there occurs no leakage of power from the key custody area power supply (805). Thus, power consumption of the key custody area power supply (805) can be restricted to a required minimum, thereby making it possible to prolong the service life of a backup battery (828).

When power is furnished from the main power supply (803) and initialization of the internal logic block (802) is completed, the gate (810) outputs a “High” signal. Then, the gate (812) allows data on the address signal line (813) to flow to the address signal lines (814). Under condition that an SRAM read signal (817) is effective, the gate (815) enables the buffer (816) for allowing data on the data signal line (819) to go to the data signal lines (818). Under condition that an SRAM write signal (822) is effective, the gate (820) enables the buffer (821) for allowing data on the data signal lines (823) to flow to the data signal lines (819). The gate (824) allows data on the control signal line (825) to flow to the control signal line (826). Through the above-mentioned sequence, the SRAM (804) can be accessed normally.

Moreover, a variety of sensors are provided on a case or housing in which the CPU (102) is accommodated, and an alarm detector (827) receiving signals from these sensors is provided for controlling the key custody area power supply (805) connected with the battery (828). Upon detection of an abnormality such as disassembling/removing the case or housing, power to the SRAM (804) is stopped to delete key information. Further, under condition that the main power supply (803) is turned on, even if the key custody area power supply (805) is shut off by actuation of the alarm detector (827), power is furnished from the main power supply (803) to the SRAM (804). Therefore, an alarm detection signal (829) is input to the internal logic block (802) to inform occurrence of an abnormality, thus restricting or stopping operation of the CPU (102).

In a modified embodiment, the power supplies to the SRAM (804) may be integrated in the CPU (102). Further, there may also be provided an arrangement wherein the main power supply and battery power supply are integrated in the alarm detector (827) and wherein the power supplies to the SRAM (804) are shut off upon detection of any abnormality.

In terms of circuit mounting, it is required to provide each of the signal and power lines between the alarm detector (827) and the CPU (102) along the shortest possible route in an inner layer of a substrate therefor so that probing cannot be made with ease. Further, it is required to provide such a security protective means as connecting a plurality of signal lines along different wiring paths. Thus, even if the information processing apparatus is disassembled, cipher key information cannot be extracted out of the semiconductor device.

In the present invention, two kinds of cipher keys are generated for different purposes; a key necessary for identifying the semiconductor device concerned, and a key used for encrypting information. The former is an authentication key, and the latter is an information enciphering key. A key to be generated frequently is an information enciphering key, i.e., in principle, an information enciphering key is generated each time information is encrypted. An authentication key is generated at a predetermined interval of time, e.g., per month or per year, for use as information for identifying the semiconductor device concerned.

Referring to FIG. 9, there is shown how enciphering and deciphering keys are handled in a situation where the same information processing apparatus is used for encryption and decryption.

Information (901) produced in the CPU (102) semiconductor chip is encrypted and stored as an encrypted file (116) into the external storage device (104) or the like. Thereafter, in decryption for using the contents of the encrypted file in the CPU (102) again, it is just required that key information (902) should reside in the CPU (102) only. For making it possible to handle the encrypted files (113) and (116) in the CPU (102) only, the key information (902) is generated by the random number generator (113) in the CPU (102) and stored into the key custody area (112) only.

Further, in a case where different cipher keys (904) and (906) are used for encrypting a plurality of information (903) and (905) respectively, it is required to store key information (904) and (906) into the key custody area (112).

While encryption and decryption are carried out in the memory (108) in the example shown in FIG. 9, there may also be provided such an arrangement that the cryptographic algorithm ROM (106) or the cryptographic processing hardware circuit (107) is used for encryption and decryption in the CPU (102).

Referring to FIG. 10, the key custody area (112) holds just a key (1001) generated by the random number generator (118). In encryption of information (1002) or (1003), a key (1004) or (1005) generated in association therewith is encrypted with the key (1001) to produce a cipher key (1006) or (1007). The information (1002) or (1003) is encrypted with the cipher key (1004) or (1005) thus produced to create an encrypted file (1008) or (1009). The encrypted file (1008) thus created and the cipher key (1006) are collectively stored as a file (1010) into the external storage device, and the encrypted file (1009) thus created and the cipher key (1007) are collectively stored as a file (1011) into the external storage device. In this fashion, the amount of key information to be held in the key custody area (112) can be reduced.
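The FIG. 10 key hierarchy, together with the erase-on-alarm behaviour of the key custody area described earlier, can be modelled in a few lines; the following is an added example and not code from the patent. The class and function names are hypothetical, and the HMAC-SHA256 counter-mode cipher with a MAC is a standard-library stand-in for the chip's common-key cipher, which this passage does not specify.

```python
import hashlib
import hmac
import secrets


def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode: stdlib stand-in for the chip's common-key cipher.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _subkeys(key):
    # Separate encryption and MAC keys derived from one 32-byte key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def seal(key, plaintext):
    """Encrypt-then-MAC. Returns nonce (16) || ciphertext || tag (32)."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def open_sealed(key, blob):
    """Verify the tag, then decrypt. Raises ValueError on a wrong key or modified blob."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    enc_key, mac_key = _subkeys(key)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    stream = _keystream(enc_key, nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))


class KeyErased(RuntimeError):
    """The key custody area has lost power and key (1001) is gone."""


class SecureCpu:
    """Hypothetical model of the single-chip CPU (102)."""

    def __init__(self):
        # Key (1001): generated on chip, held only in the key custody area (112).
        self._custody = bytearray(secrets.token_bytes(32))
        self._erased = False

    def _first_key(self):
        if self._erased:
            raise KeyErased("key custody area was erased")
        return bytes(self._custody)

    def encrypt_file(self, information):
        """Build file (1010)/(1011): wrapped per-file key plus encrypted body."""
        first_key = self._first_key()
        file_key = secrets.token_bytes(32)  # key (1004)/(1005), new for every call
        return {"wrapped_key": seal(first_key, file_key),  # cipher key (1006)/(1007)
                "body": seal(file_key, information)}       # encrypted file (1008)/(1009)

    def decrypt_file(self, stored):
        file_key = open_sealed(self._first_key(), stored["wrapped_key"])
        return open_sealed(file_key, stored["body"])

    def tamper_alarm(self):
        """Alarm detector (827) cuts SRAM power; the overwrite models the lost contents."""
        for i in range(len(self._custody)):
            self._custody[i] = 0
        self._erased = True


def demo():
    # Constructed sample inputs.
    cpu = SecureCpu()
    stored = [cpu.encrypt_file(b"payroll, constructed sample"),
              cpu.encrypt_file(b"design notes, constructed sample")]
    recovered = [cpu.decrypt_file(s) for s in stored]
    cpu.tamper_alarm()
    try:
        cpu.decrypt_file(stored[0])
        readable_after_alarm = True
    except KeyErased:
        readable_after_alarm = False
    return recovered, readable_after_alarm


if __name__ == "__main__":
    print(demo())
```

Only one 32-byte key has to survive in battery-backed storage regardless of how many files exist, and erasing it makes every stored file unrecoverable at once.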

Referring to FIG. 11, there is shown how enciphering and deciphering keys are handled in a situation where different apparatuses are used for encryption and decryption respectively. In this case, it is required to ensure that each communicating party is a correct one. That is to say, it is required to authenticate the identity of each communicating party.

As a means for authenticating the identity of the communicating party, asymmetric key cryptography is employed. In the asymmetric key cryptography, different keys are used for encrypting information to provide a cipher text and for decrypting the cipher text to attain the original information. The asymmetric key cryptography is also referred to as public key cryptography, in which enciphering and deciphering keys are used. One of the enciphering and deciphering keys is made public, and the other is kept secret. Information encrypted with the enciphering key can be decrypted only with the deciphering key corresponding thereto. One of the two keys which is made public is referred to as a public key, and the other one which is kept secret is referred to as a private key. Cipher text information encrypted with the public key can be decrypted only with the private key corresponding thereto, and cipher text information encrypted with the private key can be decrypted only with the public key corresponding thereto. In this cryptographic technique, cipher text information can be transmitted in a form decipherable only by a particular party, and the identity of a sender can be authenticated.

For sending information only to a particular recipient, a sender attains a public key from the recipient first. Then, using the public key of the recipient, the sender encrypts information to be sent. The information thus encrypted is a cipher text which can be decrypted only with a private key kept secret at the recipient, not with the same public key. In this manner, the encrypted information can be sent to the particular recipient securely. In general, since the asymmetric key cryptography (public key cryptography) requires a substantial amount of time due to complex processing thereof, the following cryptographic processing is implemented in most actual applications: Information to be sent is encrypted by symmetric key cryptography (common key cryptography) in which cipher key information is generated through random number generation each time. Using asymmetric key cryptography (public key cryptography), the cipher key information thus generated is sent to a recipient in secrecy.

For authenticating the identity of a sender, the sender encrypts information itself or any message corresponding thereto (e.g., message digest) with a private key and then sends the encrypted information to a recipient. The recipient attains a public key of the sender, and decrypts the encrypted information with the public key of the sender. In authenticity check, if it is judged that the information has been encrypted with the private key owned only by the sender, the recipient can authenticate the identity of the sender.

In an apparatus A (1101 a) and an apparatus B (1101 b) shown in FIG. 11, public keys (1104 a) and (1104 b) and private keys (1105 a) and (1105 b) are generated respectively as apparatus identification information in advance. In a public key cryptographic technique based on modulo arithmetic, each of these keys is generated using the product of two prime numbers. For this purpose, random number generation (1102 a) (1102 b) is performed to generate random numbers. Then, it is checked whether the random numbers thus generated are prime numbers or not. Random prime numbers can thus be attained (1103 a) (1103 b). The generated keys are used for identifying the semiconductor devices concerned.

The following describes a situation in which information (1116) is sent from the apparatus A (1101 a) to the apparatus B (1101 b).

In transfer of the information (1116) from the apparatus A (1101 a) to the apparatus B (1101 b), the apparatus A (1101 a) encrypts the information (1116) with a key so that the information (1116) can be decrypted only by the apparatus B (1101 b). It is desirable to use a key effective only for transfer of the information (1116) and another key for transfer of different information. In this usage of keys, even if key information leaks, possible damage can be kept to a minimum. For this purpose, a common key (1111) for encrypting information (1116) to be generated each time must be sent only to the apparatus B.

In implementation of the above-mentioned arrangement, the apparatus A (1101 a) issues a request for public key transfer (1106). In response to this request, the apparatus B (1101 b) transfers the public key (1104 b) to the apparatus A (1101 a). Then, in the apparatus A (1101 a), random numbers are generated (1109), and a common key (1111) is generated using the random numbers thus generated (1110). Using the public key of the apparatus B (1108) received from the apparatus B (1101 b), the generated common key (1111) is subjected to public key encryption (1112) to produce encrypted key information (1113). Further, using the generated common key (1111), the information (1116) is subjected to common key encryption (1115) to produce encrypted information (1117). The encrypted key information (1113) and encrypted information (1117) thus produced are sent to the apparatus B. In this manner, the information (1116) can be sent to the apparatus B in a form decipherable only by the apparatus B. In the apparatus B (1101 b), the encrypted key information thus received (1119) is subjected to public key decryption (1120) using the private key (1105 b) of the apparatus B to attain a common key (1121). Further, using the common key (1121), the encrypted information received as mentioned above (1122) is subjected to common key decryption (1123) to attain information (1124).

Moreover, for proving that information transfer (1118) has been made from the apparatus A (1101 a), a message digest of the information (1116) is determined as a hash value (1202) using a hash function (1201) as shown in FIG. 12. Then, the hash value (1202) thus determined is subjected to public key encryption (1203) using the private key (1105 a) of the apparatus A to generate an encrypted hash value (1204). The public key (1104 a) of the apparatus A is transferred (1205) to the apparatus B (1101 b), and the encrypted hash value (1204) is also transferred to the apparatus B (1101 b) as a signature of the apparatus A (1101 a). In the apparatus B (1101 b), using the public key of the apparatus A received from the apparatus A (1207), the encrypted hash value received therefrom (1208) is subjected to public key decryption (1209) to attain a hash value (1210) corresponding to the hash value generated by the apparatus A (1101 a). On the other hand, using a hash function (1211), a hash value (1212) is determined from the information (1124) received from the apparatus A (1101 a). The two hash values (1210) and (1212) mentioned above are compared (1213) to check whether they are identical or not. If a match is found therebetween, it can be verified that the sender of the information (1124) is the apparatus A (1101 a).

While a hash value of the information (1116) is determined in the arrangement exemplified in FIG. 12, there may also be provided such a modified arrangement that the information itself (1116) is encrypted with the private key (1105 a) of the apparatus A and the encrypted information is transferred to the apparatus B (1110 b) together with the public key (1104 a) of the apparatus A. In particular, this modified arrangement is preferable in a case where the size of the information (1116) is relatively small.

In acquisition of a public key of a desired communicating party, the public key may be attained directly from the communicating party as illustrated in the above-mentioned preferred embodiments, or the public key of the communicating party may be attained through a third party having no interest in relation with the communicating party.

As to a public key attained from each communicating party, it is necessary to ensure that the attained public key is authentic, i.e., the communicating party is not an imposter.

Referring to FIG. 13, there is shown an arrangement for checking whether the public key received from each communicating party in the preferred embodiments shown in FIGS. 11 and 12 is authentic or not. In the arrangement shown in FIG. 13, an apparatus C (1301) is provided as a certification authority server for authenticating the identity of each terminal apparatus. The apparatus C (1301) authenticates a public key of each apparatus subscribing to the communication system concerned. For this purpose, in the apparatus C (1301), random numbers are generated (1302), and from the generated random numbers, prime numbers are taken (1303). Then, using the prime numbers, a public key (1304) and a private key (1305) of the apparatus C are generated. The private key of the apparatus C must be kept in absolute secrecy for ensuring the security of the communication system concerned.

In the apparatus A (1101 a) and the apparatus B (1101 b), the public keys (1104 a) and (1104 b) and the private keys (1105 a) and (1105 b) are generated for apparatus identification as mentioned before. Then, each of the public keys is transferred to the apparatus C (1301) to make a request for certification (1316 a) (1316 b). Upon receiving the request for certification, the apparatus C (1301) processes the public key (1306 a) (1306 b) of each of the apparatuses A and B through public key encryption (1307 a) (1307 b) using the private key (1305) of the apparatus C to produce a certificate (1308 a) (1308 b). The certificate thus produced and the public key (1304) of the apparatus C are combined to provide the result of certification (1309 a), which is then transferred to each of the apparatuses A and B (1317 a) (1317 b).

In each of the apparatuses A and B, the result of certification, i.e., a certificate of the public key thereof is stored. When the apparatus B receives a request for public key transfer from the apparatus A for sending information, the apparatus B transfers the public key (1105 b) thereof and the certificate thereof to the apparatus A. The certificate thus transferred indicates that the apparatus B has been certified by the apparatus C. When the apparatus A receives the certificate (1312), public key decryption (1313) is performed using the public key of the apparatus C stored in the apparatus A. Then, the public key (1314) of the apparatus B is extracted from the certificate (1312), and the public key thus extracted is compared with the public key (1108) transferred from the apparatus B (1101 b). In this manner, the authenticity of the public key of the apparatus B can be verified.

In certification by the apparatus C using the public key of each of the apparatuses A and B, electronic verification and meticulous inspection are carried out to make sure that each of the apparatuses A and B is not modified or tampered by any third party.

Through the above-mentioned procedure, the authenticity of the public key of each communicating party can be ensured.
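The public-key steps of FIGS. 11 to 13 (random primes, common-key transport, the signed hash value and the certificate issued by apparatus C) are sketched below as an added example that is not code from the patent. It assumes unpadded textbook RSA as the text describes it, a public exponent of 65537, and a certificate computed over a SHA-256 digest of the public key rather than over the key itself, since a key does not fit under a modulus of the same size; bulk encryption of the information with the common key is left out and all function names are hypothetical.

```python
import hashlib
import math
import secrets

E = 65537  # public exponent; an assumption, the page does not name one


def is_probable_prime(n, rounds=40):
    """Miller-Rabin check used to turn random numbers into primes (1103 a/b)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2      # witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                       # this witness proves n composite
    return True


def random_prime(bits):
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate


def generate_keypair(bits=1024):
    """Return (public, private); each key is a (modulus, exponent) pair. bits >= 512."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(E, phi) == 1:
            n = p * q
            return (n, E), (n, pow(E, -1, phi))


def rsa_apply(key, value):
    """Raw modular exponentiation with either half of a key pair (no padding)."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value out of range for this modulus")
    return pow(value, exponent, n)


def digest_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(private, data):
    """FIG. 12: hash value (1202) processed with the sender's private key."""
    return rsa_apply(private, digest_int(data))


def verify(public, data, signature):
    """FIG. 12: compare (1213) the recovered hash with a freshly computed one."""
    if not 0 <= signature < public[0]:
        return False
    return rsa_apply(public, signature) == digest_int(data)


def encode_public(public):
    n, e = public
    return n.to_bytes((n.bit_length() + 7) // 8, "big") + e.to_bytes(4, "big")


def certify(c_private, subject_public):
    """FIG. 13: apparatus C processes a subject's public key with its private key."""
    return sign(c_private, encode_public(subject_public))


def certificate_ok(c_public, subject_public, certificate):
    return verify(c_public, encode_public(subject_public), certificate)


def send(info, a_private, b_public, b_certificate, c_public):
    """Apparatus A: check B's certificate, wrap a fresh common key, sign the information."""
    if not certificate_ok(c_public, b_public, b_certificate):
        raise ValueError("public key is not certified by apparatus C")
    common_key = secrets.randbits(256)                             # common key (1111)
    message = {"encrypted_key": rsa_apply(b_public, common_key),  # (1113)
               "info": info,
               "signature": sign(a_private, info)}                 # (1204)
    return message, common_key


def receive(message, b_private, a_public):
    """Apparatus B: recover the common key (1121) and check A's signature."""
    common_key = rsa_apply(b_private, message["encrypted_key"])
    return common_key, verify(a_public, message["info"], message["signature"])
```

Deployed systems apply a padding scheme to both the key-transport and the signature operation; the raw exponentiation here follows the description in the text.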

Then, with reference to FIG. 14, the following describes a fourth preferred embodiment of the present invention.

In FIG. 14, there is shown a schematic configuration of a typical information processing apparatus. An information processing apparatus (1401) comprises a plurality of semiconductor devices. A CPU (1402) is connected to a cache memory and a main memory controller (1405) through a processor bus (1404). The main memory controller (1405), including a system bus controller, is provided with a memory bus (1413) and a system bus (1407). The memory bus (1413) is extended to a main memory (1406), and the system bus (1407) is extended to an external storage device controller (1408), a display circuit controller (1410), a communication circuit controller (1411), and a peripheral I/O controller (1412). The display circuit controller (1410) may be connected to the main memory controller including the system bus controller (1405). The external storage device controller (1408) is connected to an external storage device (1409).

Since an address region of the main memory (1406) is different from that of each component connected to the system bus (1407), the main memory controller including the system bus controller (1405) conducts a changeover in address region access.

In the information processing apparatus (1401) which can be regarded as a system, the CPU (1402) serves as a main processor presiding over operations in the system. According to the present invention, cryptographic processing is carried out in the CPU in a closed fashion. For example, as shown in FIG. 1, the CPU (1402) comprises the microprocessor (105), cryptographic processing algorithm ROM (106), cryptographic processing hardware circuit (107), RAM (108), key custody area (112), and external bus controller (109), which are all integrated on a single semiconductor chip. Further, according to the present invention, an information processing apparatus comprising a plurality of CPUs may be used as shown in FIGS. 19 and 20.

With reference to FIG. 15, the following describes a fifth preferred embodiment of the present invention.

In the fifth preferred embodiment shown in FIG. 15, an information processing apparatus (1501) is connected to another information processing apparatus for communication therewith. In lieu of the external storage device indicated in FIG. 1, a communication circuit controller is provided in the fifth preferred embodiment. The communication circuit controller may be disposed outside the information processing apparatus (1501).

The information processing apparatus (1501) comprises a CPU (1502) and a communication circuit controller (1503), which are interconnected through a system bus (1514). The CPU (1502) includes a microprocessor (1505), a cryptographic processing algorithm ROM (1506), a cryptographic processing hardware circuit (1507), a RAM (1508), an external bus controller (1509), and a key custody area (1512). These component circuits are interconnected through a microprocessor bus (1510).

While the information processing apparatus shown in FIG. 15 comprises the CPU and the communication circuit controller, other components such as a main memory and an external storage device may be included in the information processing apparatus. At the end of a communication line (1504) extended through the communication circuit controller (1503), there may be connected an apparatus which is functionally equivalent to an external storage device or an information processing apparatus.

Note, however, that a cryptographic processing procedure differs depending on whether an external storage device or an information processing apparatus is connected at the end of the communication line (1504).

In a case where an external storage device is connected at the end of the communication line, data is encrypted and the resultant encrypted data is stored into the external storage device. Then, the encrypted data is read out of the external storage device for decryption. Therefore, it is just required that only the CPU of the information processing apparatus where cryptographic processing is performed should retain an enciphering key.

In a case where an information processing apparatus is connected at the end of the communication line, i.e., an information processing apparatus A and an information processing apparatus B are connected through the communication line, there may occur a situation in which data is encrypted in the information processing apparatus A and then the encrypted data is decrypted in the information processing apparatus B. Common key cryptography is suitable for high-speed encryption/decryption of a large amount of data. In the common key cryptography, since the same key is used for encryption and decryption, the information processing apparatuses A and B must have an identical key. The identical key may be set in advance in each of the information processing apparatuses A and B. Alternatively, before transmission of encrypted data, mutual authentication may be made between the information processing apparatuses A and B in a fashion that an enciphering key is shared therebetween. For the mutual authentication, cryptographic processing is carried out in the CPU.

FIG. 23 shows a scheme in which the information processing apparatuses A and B are connected over a network.

In the RAM (1508), encrypted data is re-edited per communication, and according to a communication protocol, the re-edited data is transferred to the communication circuit controller (1503) to enable secure communication. There may be provided such a modified arrangement as mentioned below: Data encrypted in the RAM (1508) is transferred to the communication circuit controller (1503), and in the communication circuit controller (1503), the encrypted data is re-edited per communication. Then, according to a communication protocol, the re-edited data is sent over the communication line (1504).

With reference to FIGS. 16, 17, 18, 21 and 22, the following describes a sixth preferred embodiment of the present invention.

In FIG. 16, there is shown a configuration in which a group of external storages including a magnetic disk (1601) is controlled by a disk system controller (1602). The disk system controller (1602) is connected to a host system (1603) which is a higher-ranking information apparatus.

The magnetic disk (1601) contains data stored as a file and file location information indicating where the file is stored on the magnetic disk. In a small-type information processing apparatus such as a personal computer, a file system program for managing files and file location information may be carried out by a CPU contained in the small-type information processing apparatus. In a disk system controller designed for implementing high-speed operations with high reliability, the disk system controller itself may manage files and file location information.

The sixth preferred embodiment of the present invention is particularly suitable for the latter case. In the host system, a file (1604) and a file identifier (1605) are managed. Whether the file (1604) is encrypted or not depends on the host system, i.e., it is not required for the disk system controller (1602) to be concerned therewith. In the disk system controller (1602), file location information (1606) on the magnetic disk (1601) is encrypted for management.

In the sixth preferred embodiment of the present invention, operations to be performed until the host system reads out an encrypted file (1607) are as follows:

First, the host system sends a file identifier (1605) corresponding to a necessary encrypted file to the disk system controller (1602), thereby indicating a request for reading out the encrypted file. Upon receipt of this request, the disk system controller (1602) reads the encrypted file location information (1606) out of the magnetic disk (1601). In the disk system controller (1602), the encrypted file location information (1606) is decrypted to extract file location information (1608). Then, the disk system controller (1602) searches the extracted file location information (1608) for the file identifier (1605) to attain actual file location information. Using the file location information thus attained, the disk system controller (1602) reads the necessary encrypted file (1607) out of the magnetic disk (1601), which is then transferred to the host system (1603).

With reference to FIG. 17, the following describes how a file is written onto the magnetic disk. Until the file location information (1608) is extracted, the same operations as those in the case of encrypted file reading mentioned above are carried out. Using the extracted file location information (1608), a free space of the magnetic disk (1601) is checked, and then the encrypted file (1604) is written into the free space of the magnetic disk (1601). After completion of writing the encrypted file (1604), the file location information (1608) is updated and encrypted. Thereafter, the encrypted file location information (1701) is written onto the magnetic disk (1601).

With reference to FIG. 18, the following describes a configuration of a disk system controller (1801) according to the present invention.

The disk system controller (1801) of the present invention includes a CPU (1802) serving as an internal disk system processor, a magnetic disk interface (1813), and a host system interface (1814). The CPU (1802) comprises a microprocessor (1805), a cryptographic processing algorithm ROM (1806), a cryptographic processing hardware circuit (1807), a RAM (1808), a key custody area (1811), an external bus controller (1809), and a random number generator (1820).

As shown in FIGS. 21 and 22, a plurality of magnetic disk devices may also be connected to an information processing apparatus.

Using a disk system controller such as mentioned above, all the information stored in a magnetic disk can be encrypted to ensure security protection in information storage.

The cryptographic processing hardware circuit of the present invention is a dedicated hardware component for common key cryptography in which a common key is applied to both encryption and decryption. The cryptographic processing hardware circuit comprises a rotator, an adder, an arithmetic logic unit, and other elements. It is also practicable to use such a common key cryptographic method as Multi-series cryptography or M6 cryptography in which bit rotation, addition, and logic operation are primarily performed in units of a certain data length.

In a case where public key cryptography is used, there is provided a modulo arithmetic circuit capable of handling higher computational complexity as a dedicated hardware circuit.

INDUSTRIAL APPLICABILITY

According to the present invention, cryptographic processing can be carried out without outputting sensitive information onto a system bus and processor bus in an information processing apparatus. Since cryptographic processing, sensitive information to be encrypted/decrypted, cryptographic algorithms, intermediate cryptographic results, and cipher key information are kept in a single semiconductor chip, it is possible to provide an information processing apparatus which is highly advantageous in information security protection.

1. An information processing apparatus including, a processing device for performing predetermined processing of information, and a bus for interconnecting said processing device and other component devices of said information processing apparatus, wherein said processing device is integrated on a single semiconductor chip, internally generates first key information and second key information, internally encrypts sensitive information inputted from said bus with said generated second key information, internally encrypts said generated second key information with said generated first key information, and outputs said encrypted sensitive information and said encrypted second key information to said bus without outputting said first key information used for encrypting said second key information to said bus, wherein said processing device newly generates different second key information each time sensitive information inputted from said bus is encrypted, wherein said first key information is common to a plurality of said second key information, and wherein said processing device deletes said first key information in said single semiconductor chip if an abnormality is detected, wherein said processing device comprises: a microprocessor for carrying out said predetermined processing; a generator for generating said first key information; a cryptographic algorithm memory device for storing an algorithm for information cryptographic processing; a volatile memory device for storing said generated first key information; a cryptographic processing device for carrying out cryptographic processing with said algorithm; and a microprocessor bus for interconnecting said microprocessor, said generator, said cryptographic algorithm memory device, said volatile memory device and said cryptographic processing device, wherein a power supply to said volatile memory is stopped so as to delete said first key information in said single semiconductor chip if said abnormality is detected, and wherein said processing device voids a control signal to said volatile memory until an internal logical block in said processing device is finished initializing.
2. An information processing apparatus including, a processing device for performing predetermined processing of information, and a bus for interconnecting said processing device and other component devices of said information processing apparatus, wherein said processing device is integrated on a single semiconductor chip, internally generates first key information and second key information, internally encrypts sensitive information inputted from said bus with said generated second key information, internally encrypts said generated second key information with said generated first key information, and outputs said encrypted sensitive information and said encrypted second key information to said bus without outputting said first key information used for encrypting said second key information to said bus, wherein said processing device newly generates different second key information each time sensitive information inputted from said bus is encrypted, wherein said first key information is common to a plurality of said second key information, wherein said processing device deletes said first key information in said single semiconductor chip if an abnormality is detected, wherein said processing device comprises a battery backed first RAM for storing said generated first key information and a second RAM for storing said generated second key information, said second RAM including a working area, and wherein said processing device voids a control signal to said battery backed first RAM until an internal logical block in said processing device is finished initializing.
3. An information processing apparatus as claimed in claim 2, wherein said processing device comprises an external bus controller for preventing non-encrypted sensitive information from being output onto said bus.
4. An information processing apparatus as claimed in claim 3; wherein information not requiring encryption is output onto said bus through said external bus controller.
5. An information processing apparatus as claimed in claim 2, wherein a memory device is provided for storing information encrypted by said processing device.
6. An information processing apparatus as claimed in claim 2, wherein said processing device comprises means for decrypting encrypted information at an information write operation.
7. An information processing apparatus as claimed in claim 6, wherein said information processing apparatus is connected to a different information processing apparatus through a network, and wherein said information processing apparatus decrypts encrypted information which is received from said different information processing apparatus.
8. An information processing apparatus as claimed in claim 2, wherein a plurality of said processing devices are provided, and cryptographic processing is carried out in each of said processing devices.
9. An information processing apparatus as claimed in claim 2, wherein said processing device comprises means for receiving an encrypted program and for carrying out decryption thereof.
10. An information processing apparatus as claimed in claim 2, wherein said abnormality is a disassembly or removal of a case or housing of said processing device.
11. An information processing apparatus as claimed in claim 2, wherein said first key information is a random number, and wherein said generator generates said random number based on a signal outputted from a constant voltage diode.